7 Networks The distribution services are: Association: when a station enter a new BSS, it establishes an association with the AP of this BSS, and if it is authentified, can send and receive data via this AP Dissociation: can be used by either a station or an AP Reassociation: it enables a station which already has an association with an AP to move from this AP to another one. Distribution: determines how frames have to routed to an AP. If the destination is local, we can send the frames directly. If not, they have to be transmitted via the wire network. Integration: if a frame has to be routed trough a network not using , this service does the translation 7

8 Networks The Intracell services are: - Authentication: used to establish the identity of others stations - Authentication cancelling: when a station wants to leave its network, its authentication is cancelled. - Privacy: it prevents the content of messages from being read by anyone other than the intended recipient. - Data delivery 8

9 Networks Standard a b f g i n Name Wi-Fi 5 Wi-Fi Roaming WWiSE (World- Wide Spectrum Efficienc y WiFi standards High Bandwith (54 Mbit/s théoriques, 30 Mbit/s réels) Frequency band :5 GHz. The most common Theorical bandwith 11 Mbit/s (6 Mbit/s real) Up to 300 meters if no barriers Band : 2,4 GHz with Description Enable the user to change his or her AP when moving, thanks to the Inter-Access point roaming protocol High Bandwith (54 Mbit/s,26 Mbit/s real) on the band of des 2,4 GHz. Devices using g can still work existing networks (most commonly b devices) This standard aims at improving security on wireless transmissions, thanks to the Advanced Encryption Standard (see 2 for more information about security) This is a new technology (april 2007), which should provide 540 Mbit/s (the real bandwith is 100 Mbit/s within a 90 meters area) 9

12 Networks Frame structure supports three types of frames: management frames (00), control frames (01) and data frames (10). Management frames are used for station association, disassociation, timing and synchronization, authentication and desauthentication. Control frames are used for handshaking and positive acknowledgments during the data exchange. Data frames are used to exchange data. 12

13 Networks Current Issues and Challenges Interference Quality of Service Mobility 13

15 Networks Why? - Different environments: has to deal with mobility mostly connects buildings covers bigger areas => the strength of the radio signal can be very different, more complex problem of modulation 15

16 Networks has to connect more users per cell, and has to have a larger bandwidth - =>WiFi connections transmit up to 54 megabits per second /WiMAX should be able to handle up to 70 megabits per second WiFi's range is about 100 feet (30 m). WiMAX range will be about 30 miles (50 km) with wireless access. - The waves are different => adapt the physical layer. Waves can be absorbed by the rain, snow, or clouds, so we have to be careful about the errors can perfectly handle real-time applications (such as voice or videos). 16

17 Networks A WiMAX tower, ~ cell-phone tower And a WiMAX receiver 2 forms of wireless service: - non-line-of-sight, WiFi sort of service, where a small antenna on your computer connects to the tower. lower frequency range - line-of-sight service, where a fixed dish antenna points straight at the WiMAX tower from a rooftop or pole higher frequencies. 17

18 Networks OSI Structure 18

19 Networks Frame structure the EC field indicates whether the data are encrypted or not the IC field tells us whether a final checksum is used or not the EK fields indicates the keys used for the encryption, if there is one the length field gives the length of the whole frame, including the header the Header CRC is a header checksum (calculated with a polynomial) 19

20 2. WiFi

21 Existing Protocols : SSID MAC Address Filtering WEP 21

22 SSID For Service Set IDentifier The first step in user s authentification Configurable identification that allows clients to communicate to the AP 22

23 SSID 23

24 SSID (and why it is quite inutile) AP have default SSID : «tsunami» for Cisco devices Devices unfortunately use to broadcast their SSID during beacon frames An attacker can discover your SSID by using a bruteforce dictionary attack 24

25 MAC Address Filtering Permit only a few MAC addresses to connect to the network Two ways : The AP has the list of authorized MAC addresses A RADIUS server is used to centralize the correct MAC addresses 25

26 MAC Address Filtering 26

27 MAC Address Filtering First possibility : Locally You have to administrate locally the authorization MAC addresses and it becomes a problem when the numbers of clients and APs grows. 27

28 MAC Address Filtering Second Possibility : RADIUS Server The entire list of authorized addresses can be found, not encrypted in the configuration file of the server 28

29 MAC Address Filtering The main problem is that the MAC address of the client is sent in clear : any intruder can sniff authorized MAC addresses and, then, changes his own address with proper tools 29

30 WEP Wired Equivalent Privacy 30

31 WEP SSID and MAC Addresses are transmitted in the clear text Encoding the data : SSID, MAC Address, data sent after the connection between the user and the server. 31

32 WEP It is an optional encryption standard implemented in the MAC Layer. So it is used at the 2 lowest layers, the data link and the physical layer. It is using a static key, a 64-bit one or a 128-bit one. 32

33 WEP in Action The NIC (Network Interface Card) encrypts the payload (frame body and CRC) of each frame before transmission using an RC4 stream cipher provided by RSA. So WEP only encrypts data between stations. Once the frame enters the wired side of the network, such as between access points, WEP no longer applies. 33

34 WEP Wired Network Encoding only on the wireless network The same secret 34

35 Authentication Mechanism First Step A requesting station sends an Authentication frame to the intend responder announcing that it intends to use shared key authentication. 35

36 Authentication Mechanism Second Step Generate random number to challenge station The responder replies with the second Authentication frame having 128 bytes of random challenge text generated by the WEP engine in a standard form. 36

37 Authentication Mechanism Third Step Encrypt challenge using RC4 algorithm Generate random number to challenge station The requester copies the challenge in the third Authentication frame, encrypts the frame with it's secret key and sends it back to the responder. 37

38 Authentication Mechanism Fourth Step Encrypt challenge using RC4 algorithm Generate random number to challenge station Decrypt response to recover challenge Verify that challenge equate The responder then checks the ICV and if correct, it decrypts the contents of the challenge text field and compares them to that sent in frame 2. If the contents match, it sends a final frame announcing success. If the contents don't match or the ICV check fails, the final frame announces failure. 38

39 WEP Algorithm The secret key used in WEP algorithm is 40-bit long (or 104) with a 24-bit Initialization Vector (IV) that is concatenated to it for acting as the encryption/decryption key. 39

40 WEP Algorithm Encryption 40

41 WEP Algorithm Decryption 41

42 What s wrong with WEP? Relatively short IVs : for a large busy network, reoccurence of IV can happen within an hour or so Sniffing Static key : it is the same key for all the APs and the users of the network rarely changed 42

43 However WEP is better that nothing Most of the time, WEP is turned off 90% less intrusions Protecting many home and business networks from the general public 43

Wireless LAN -Architecture IEEE has defined the specifications for a wireless LAN, called IEEE 802.11, which covers the physical and data link layers. Basic Service Set (BSS) Access Point (AP) Distribution

IEEE 802.11 Technical Tutorial Introduction The purpose of this document is to give technical readers a basic overview of the new 802.11 Standard, enabling them to understand the basic concepts, principle

Page 1 of 7 How Insecure is Wireless LAN? Abstract Wireless LAN has gained popularity in the last few years due to its enormous benefits such as scalability, mobile access of the network, and reduced cost

Introduction to IEEE 802.11 Characteristics of wireless LANs Advantages very flexible within the reception area Ad hoc networks without previous planning possible (almost) no wiring difficulties more robust

IEEE 802.11 The standard defines a wireless physical interface and the MAC layer while LLC layer is defined in 802.2. The standardization process, started in 1990, is still going on; some versions are:

CHAPTER 4 This chapter describes the procedures for configuring the bridge s radio network. Here s what you ll find in this chapter: Using the Configuration Radio Menu, page 4-2 Establishing an SSID (Ssid),

Wireless Local Area Networks (WLANs) and Wireless Sensor Networks (WSNs) Primer 1 Wireless Local Area Networks (WLANs) The proliferation of laptop computers and other mobile devices (PDAs and cell phones)

Article ID: 5027 Configuring Basic Wireless Settings on the RV130W Objective Wireless networking operates by sending information over radio waves, which can be more vulnerable to intruders than a traditional

Wireless Local Area Networks (WLANs)) and Wireless Sensor Networks (WSNs) Computer Networks: Wireless Networks 1 Wireless Local Area Networks The proliferation of laptop computers and other mobile devices

CHAPTER 11 WIRELESS LAN TECHNOLOGY AND THE IEEE 802.11 WIRELESS LAN STANDARD These slides are made available to faculty in PowerPoint form. Slides can be freely added, modified, and deleted to suit student

How to Set Up a Secure Home Wireless Network What you don t know about setting up a home wireless network can hurt you. 2008 APCUG Convention Session Tom Jones, P.E., RCDD-NTS CQS-CWLSS AGENDA Some Terms

Home Area Networks CS 687 University of Kentucky Fall 2015 Acknowledgment: Some slides are adapted from the slides distributed with the book Computer Networking: A Top Down Approach, 5th edition. Jim Kurose,

Introduction to Wireless Networking and Security Chino Information Technology Center Steve Siedschlag, Associate Professor What is a Wireless LAN? The wireless telegraph is not difficult to understand.

Wireless PCI PCMCIA Super G 108 Mbit Dear Customer, Manual thanks for choosing Hamlet. Please carefully follow the instructions for its use and maintenance and, once this item has run its life span, we

IEEE 802.11 Notes This document provides a primer on the layered Internet protocol stack and its correspondence to the IEEE 802.11 standard. The components and architecture of an 802.11 network along with

WL-5450AP & WL-5460AP Wireless Access Point User s Guide 1 FCC Certifications This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the

Wireless LANs The 802.11 Protocol Stack The 802.11 Physical Layer The 802.11 MAC Sublayer Protocol The 802.11 Frame Structure Services 56 802.11 The 802.11 Working Group The IEEE 802.11 was formed in July

HOW WI-FI WORKS AND WHY IT BREAKS WI-FI MECHANICS THE WI-FI COMMUNICATION PROCESS MECHANICS MECHANICS: HOW WI-FI COMMUNICATION WORKS WHAT WE LL BE COVERING Brief Discourse on Frame Types Discovery of Wi-Fi

Article ID: 5035 5 Tips to Fortify your Wireless Network Objective Although Wi-Fi networks are convenient for you and your employees, there may be unwanted clients using up the bandwidth you pay for. In

LevelOne User Manual WUA-0315 11g Wireless USB Adapter Ver. 1.0.0-1117 Safety FCC WARNING This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part

A Seminar report On Wi-Fi Technology Submitted in partial fulfillment of the requirement for the award of degree of Electronics SUBMITTED TO: www.studymafia.org SUBMITTED BY: www.studymafia.org Preface